People are acting like we know for a fact that Sony did something wrong. We have no idea what kind of security they have, they could have done everything right but the hackers did too. Or maybe it was an inside job? Unfortunately you can do everything right and something can go wrong.
For all anyone here knows your information has been stolen from 10 other companies and they/you don't even know it. So don't assume just because this happened that Sony was careless. Thats dumb. If you're house got broken into and something of mine got stolen I would not yell at your for being "careless" with my posessions.
People are acting like we know for a fact that Sony did something wrong. We have no idea what kind of security they have, they could have done everything right but the hackers did too. Or maybe it was an inside job? Unfortunately you can do everything right and something can go wrong.
For all anyone here knows your information has been stolen from 10 other companies and they/you don't even know it. So don't assume just because this happened that Sony was careless. Thats dumb. If you're house got broken into and something of mine got stolen I would not yell at your for being "careless" with my posessions.
Except all information indicates that their security was obsolete. That is why possible lawsuits are coming out of this.
People are acting like we know for a fact that Sony did something wrong. We have no idea what kind of security they have, they could have done everything right but the hackers did too. Or maybe it was an inside job? Unfortunately you can do everything right and something can go wrong.
For all anyone here knows your information has been stolen from 10 other companies and they/you don't even know it. So don't assume just because this happened that Sony was careless. Thats dumb. If you're house got broken into and something of mine got stolen I would not yell at your for being "careless" with my posessions.
Actually Sony did something wrong and we actually know what went wrong. They held a press event and explained how this happened.
Their security had one layer rather than multiple layers in the intranet.
Sorry, but having layers of security is like security 101.
The main issue of how it got the entire database is because their intranet does not segment between data that should be secure (like customer info) and just normal data that doesn't have to be secure. How a multi-million corp has a security model like this in the 21st century is just mind-boggling and goes into the 'gross negligence' territory. Hence the class-action lawsuit.
Like I said, this is all based on that press event Sony had.
Gdemami - Informing people about your thoughts and impressions is not a review, it's a blog.
ok so far they already stated a brief idea what will be involved .though this applies to some psn users but guess same will be true for all sony online gamers
30 days free time +days offline.meaning if say eq is off for 1 week it will be 37 days free.
they will pay for credit monitoring service for 2 years for all those who had their credit details compromised.
i think this is just as good as it can get to be honest.
please remember this same guys hacked mastercard and amazon.
If what the latest is true, the people responsible are Anonymous.
What a complete bunch of back stabbing bastards. Supposedly most are gamers, what kind of community steals from its own? Lowest of the low.
Stealing people's identity, filling them with 'fear'. It's called terrorism, and I hope they prosecute the bastards on such scale.
Anonymous just jumped the shark. Can't believe I ever thought this collective was once righteous.
Gamers need to fight back, time to find these fools.
Anonymous released a statement that they didn't do it. Normally they brag about their accomplishments so either someone's pointing the finger at them or they're nervous about the amount of attention. Whoever the hackers are though seem to have refrained from going on a shopping spree with the stolen information, but yes, they deserve to be punished.
1. This information was obtained by the hackers: "name, address (city, state, zip, country), email address, gender, birthdate, phone number, login name and hashed password."
2. A hashed password is difficult to break, especially when the hashing algorithm is not public knowledge. Therefor it is unlikely any hacker will be finding your password anytime soon if at all.
3. The ONLY financial information stolen belongs to " customers in Germany, Austria, Netherlands and Spain".
4. The financial information stolen is 4 years old. Which means any debit/credit card used would have expired by now even if the card was brand new at the time.
5. Sony has done absolutely NOTHING illegal in this case. They had an outdated version of an Apache server that was taken advantage of by hackers. This is not a crime.
6. They currently have NO confirmed knowledge that any PC game account database has been hacked into at all. They use a similar system for their PC accounts and therefor determined that it is likely (but not 100% sure) that that system was also hacked into.
For those of you that are worried, do keep in mind that name, address, gender, birthdate, and phone number are generally already public information that really does not require much work at all to determine on any individual.
Additionally "There is no evidence that [their] main credit card database was compromised. It is in a completely separate and secured environment."
If you are still unsatisfied, the best course of action would be to alert your bank/credit card company that your information may have been compromised. In doing so, they can flag your account to watch for odd charges or even give you a new card/account number and thus completely routing any possible cases of fraud against you. Every financial service does this free of charge to my knowledge.
this is their denial but they do claim to have been carrying out hacks on sony at the same time as it happened and have previously declared war on sony for taking to court someone who hacked and pirated ps3.
so its kind of hard to believe them since they did threathen sony previously and admit to have been on the crime scene at the time of the theft doing illegaal stuff.
if they did not steal the details someone in their group certainly did .
in a way i think they are beginning to realise the backlash of all this.they done amazon and mastercard now sony so the big cooperations are probably all gathering to breath down the government and FBI neck to find this guys as they know they might be next and anon are beginning to realise what all immature hackers finally do,they are in real danger of been arrested or worse.
also by going after services that runs games they are now enemies of fellow geeks,techs and such(only people to ever slightly sympathize with them).
never underestimate how far big copperations are willing to go to protect their billions of $$$$.
1. This information was obtained by the hackers: "name, address (city, state, zip, country), email address, gender, birthdate, phone number, login name and hashed password."
2. A hashed password is difficult to break, especially when the hashing algorithm is not public knowledge. Therefor it is unlikely any hacker will be finding your password anytime soon if at all.
3. The ONLY financial information stolen belongs to " customers in Germany, Austria, Netherlands and Spain".
4. The financial information stolen is 4 years old. Which means any debit/credit card used would have expired by now even if the card was brand new at the time.
5. Sony has done absolutely NOTHING illegal in this case. They had an outdated version of an Apache server that was taken advantage of by hackers. This is not a crime.
6. They currently have NO confirmed knowledge that any PC game account database has been hacked into at all. They use a similar system for their PC accounts and therefor determined that it is likely (but not 100% sure) that that system was also hacked into.
For those of you that are worried, do keep in mind that name, address, gender, birthdate, and phone number are generally already public information that really does not require much work at all to determine on any individual.
Additionally "There is no evidence that [their] main credit card database was compromised. It is in a completely separate and secured environment."
If you are still unsatisfied, the best course of action would be to alert your bank/credit card company that your information may have been compromised. In doing so, they can flag your account to watch for odd charges or even give you a new card/account number and thus completely routing any possible cases of fraud against you. Every financial service does this free of charge to my knowledge.
1. This information was obtained by the hackers: "name, address (city, state, zip, country), email address, gender, birthdate, phone number, login name and hashed password."
2. A hashed password is difficult to break, especially when the hashing algorithm is not public knowledge. Therefor it is unlikely any hacker will be finding your password anytime soon if at all.
3. The ONLY financial information stolen belongs to " customers in Germany, Austria, Netherlands and Spain".
4. The financial information stolen is 4 years old. Which means any debit/credit card used would have expired by now even if the card was brand new at the time.
5. Sony has done absolutely NOTHING illegal in this case. They had an outdated version of an Apache server that was taken advantage of by hackers. This is not a crime.
6. They currently have NO confirmed knowledge that any PC game account database has been hacked into at all. They use a similar system for their PC accounts and therefor determined that it is likely (but not 100% sure) that that system was also hacked into.
For those of you that are worried, do keep in mind that name, address, gender, birthdate, and phone number are generally already public information that really does not require much work at all to determine on any individual.
Additionally "There is no evidence that [their] main credit card database was compromised. It is in a completely separate and secured environment."
If you are still unsatisfied, the best course of action would be to alert your bank/credit card company that your information may have been compromised. In doing so, they can flag your account to watch for odd charges or even give you a new card/account number and thus completely routing any possible cases of fraud against you. Every financial service does this free of charge to my knowledge.
A voice of reason in a sea of idiots.
There's really no reason to be so beligerant. Right now, people are concerned. And rightfully so. Even in corporate America, there's only so much that can be told to the consumer. The FBI, being involved, is most likely telling Sony that they can only say so much. And unfortunately, there can only be conjectures, prognostications, and guesses. Whether we like it or not, we have to "trust" what Sony has sent to us in terms of information. And I put trust in quotes. Because there will be a massive hit in the trust department. But it's the only information anyone has to go on.
So calling people here idiots is just poor form. It's possible...possible...that people's lives are a bit upside down right now scrambling to protect their information. I'm not going to talk probable because I don't know the probability of what could happen.
Give the masses a bit of a break and let them vent and voice their concerns. People can find the facts for themselves once they calm down. Please keep your hatemongering out of a touchy situation.
1. This information was obtained by the hackers: "name, address (city, state, zip, country), email address, gender, birthdate, phone number, login name and hashed password."
2. A hashed password is difficult to break, especially when the hashing algorithm is not public knowledge. Therefor it is unlikely any hacker will be finding your password anytime soon if at all.
3. The ONLY financial information stolen belongs to " customers in Germany, Austria, Netherlands and Spain".
4. The financial information stolen is 4 years old. Which means any debit/credit card used would have expired by now even if the card was brand new at the time.
5. Sony has done absolutely NOTHING illegal in this case. They had an outdated version of an Apache server that was taken advantage of by hackers. This is not a crime.
6. They currently have NO confirmed knowledge that any PC game account database has been hacked into at all. They use a similar system for their PC accounts and therefor determined that it is likely (but not 100% sure) that that system was also hacked into.
For those of you that are worried, do keep in mind that name, address, gender, birthdate, and phone number are generally already public information that really does not require much work at all to determine on any individual.
Additionally "There is no evidence that [their] main credit card database was compromised. It is in a completely separate and secured environment."
If you are still unsatisfied, the best course of action would be to alert your bank/credit card company that your information may have been compromised. In doing so, they can flag your account to watch for odd charges or even give you a new card/account number and thus completely routing any possible cases of fraud against you. Every financial service does this free of charge to my knowledge.
if you go back and reread the soe statement.. BANK account numbers were taken which could be the same even 4 years later.
also
The personal information of the approximately 24.6 million SOE accounts that was illegally obtained, to the extent it had been provided to SOE, is as follows:
name
address
e-mail address
birthdate
gender
phone number
login name
hashed password.
most of those 24.6m SOE accounts are PC game accounts.
Watch your thoughts; they become words. Watch your words; they become actions. Watch your actions; they become habits. Watch your habits; they become character. Watch your character; it becomes your destiny. Lao-Tze
1. This information was obtained by the hackers: "name, address (city, state, zip, country), email address, gender, birthdate, phone number, login name and hashed password."
2. A hashed password is difficult to break, especially when the hashing algorithm is not public knowledge. Therefor it is unlikely any hacker will be finding your password anytime soon if at all.
3. The ONLY financial information stolen belongs to " customers in Germany, Austria, Netherlands and Spain".
4. The financial information stolen is 4 years old. Which means any debit/credit card used would have expired by now even if the card was brand new at the time.
5. Sony has done absolutely NOTHING illegal in this case. They had an outdated version of an Apache server that was taken advantage of by hackers. This is not a crime.
6. They currently have NO confirmed knowledge that any PC game account database has been hacked into at all. They use a similar system for their PC accounts and therefor determined that it is likely (but not 100% sure) that that system was also hacked into.
For those of you that are worried, do keep in mind that name, address, gender, birthdate, and phone number are generally already public information that really does not require much work at all to determine on any individual.
Additionally "There is no evidence that [their] main credit card database was compromised. It is in a completely separate and secured environment."
If you are still unsatisfied, the best course of action would be to alert your bank/credit card company that your information may have been compromised. In doing so, they can flag your account to watch for odd charges or even give you a new card/account number and thus completely routing any possible cases of fraud against you. Every financial service does this free of charge to my knowledge.
1) That information is basically every piece of information I would need to establish credit
2) It's not that difficult to break. And geezus, for 100million passwords and identities, it's worth EVERY bit of effort!
3) Untrue. Credit card numbers are also "financial information".
4) While the cards may have expired, the banks use the exact same credit card numbers when they renew cards, they simply change the exp date.
5) Possibly - but just because it wasn't "illegal", does not mean they weren't negligent and have culpability. The FBI is investigating now. SOE wanted to sweep this under the rug, which is why they turned their systems back ON after learning of the PSN breach. In fact, until the FBI forced them to shut it down, they left their facebook games running.
6) What exactly is "game account"? I'm worried about my LIFE account being hacked, not pixels. They have notified customers. The FBI has forensic experts on site. Congress is holding hearings. Lawsuits have been filed. These aren't steps taken because you "think" you lost data.
At $20 per card on average, while it may seem like nothing to you and "no big deal" to just call up your bank and get new cards, it IS a big deal. Imagine if just 5% of the people involved in this requested new credit cards - that's $100 MILLION dollars! Who pays that?
This is a MASSIVE failure on SCE/SOE's part. Negligent, sloppy and flagrant.
1. This information was obtained by the hackers: "name, address (city, state, zip, country), email address, gender, birthdate, phone number, login name and hashed password."
2. A hashed password is difficult to break, especially when the hashing algorithm is not public knowledge. Therefor it is unlikely any hacker will be finding your password anytime soon if at all.
3. The ONLY financial information stolen belongs to " customers in Germany, Austria, Netherlands and Spain".
4. The financial information stolen is 4 years old. Which means any debit/credit card used would have expired by now even if the card was brand new at the time.
5. Sony has done absolutely NOTHING illegal in this case. They had an outdated version of an Apache server that was taken advantage of by hackers. This is not a crime.
6. They currently have NO confirmed knowledge that any PC game account database has been hacked into at all. They use a similar system for their PC accounts and therefor determined that it is likely (but not 100% sure) that that system was also hacked into.
For those of you that are worried, do keep in mind that name, address, gender, birthdate, and phone number are generally already public information that really does not require much work at all to determine on any individual.
Additionally "There is no evidence that [their] main credit card database was compromised. It is in a completely separate and secured environment."
If you are still unsatisfied, the best course of action would be to alert your bank/credit card company that your information may have been compromised. In doing so, they can flag your account to watch for odd charges or even give you a new card/account number and thus completely routing any possible cases of fraud against you. Every financial service does this free of charge to my knowledge.
if you go back and reread the soe statement.. BANK account numbers were taken which could be the same even 4 years later.
also
The personal information of the approximately 24.6 million SOE accounts that was illegally obtained, to the extent it had been provided to SOE, is as follows:
name
address
e-mail address
birthdate
gender
phone number
login name
hashed password.
most of those 24.6m SOE accounts are PC game accounts.
I didn't know you could use your bank account number with SoE...but I don't think i'd give my actual bank account numbers to anyone other than a trusted financial institution.
1. This information was obtained by the hackers: "name, address (city, state, zip, country), email address, gender, birthdate, phone number, login name and hashed password."
2. A hashed password is difficult to break, especially when the hashing algorithm is not public knowledge. Therefor it is unlikely any hacker will be finding your password anytime soon if at all.
3. The ONLY financial information stolen belongs to " customers in Germany, Austria, Netherlands and Spain".
4. The financial information stolen is 4 years old. Which means any debit/credit card used would have expired by now even if the card was brand new at the time.
5. Sony has done absolutely NOTHING illegal in this case. They had an outdated version of an Apache server that was taken advantage of by hackers. This is not a crime.
6. They currently have NO confirmed knowledge that any PC game account database has been hacked into at all. They use a similar system for their PC accounts and therefor determined that it is likely (but not 100% sure) that that system was also hacked into.
For those of you that are worried, do keep in mind that name, address, gender, birthdate, and phone number are generally already public information that really does not require much work at all to determine on any individual.
Additionally "There is no evidence that [their] main credit card database was compromised. It is in a completely separate and secured environment."
If you are still unsatisfied, the best course of action would be to alert your bank/credit card company that your information may have been compromised. In doing so, they can flag your account to watch for odd charges or even give you a new card/account number and thus completely routing any possible cases of fraud against you. Every financial service does this free of charge to my knowledge.
if you go back and reread the soe statement.. BANK account numbers were taken which could be the same even 4 years later.
also
The personal information of the approximately 24.6 million SOE accounts that was illegally obtained, to the extent it had been provided to SOE, is as follows:
name
address
e-mail address
birthdate
gender
phone number
login name
hashed password.
most of those 24.6m SOE accounts are PC game accounts.
I didn't know you could use your bank account number with SoE...but I don't think i'd give my actual bank account numbers to anyone other than a trusted financial institution.
they supposedly do or used to offer direct debit to non US countries..
Watch your thoughts; they become words. Watch your words; they become actions. Watch your actions; they become habits. Watch your habits; they become character. Watch your character; it becomes your destiny. Lao-Tze
1. This information was obtained by the hackers: "name, address (city, state, zip, country), email address, gender, birthdate, phone number, login name and hashed password."
2. A hashed password is difficult to break, especially when the hashing algorithm is not public knowledge. Therefor it is unlikely any hacker will be finding your password anytime soon if at all.
3. The ONLY financial information stolen belongs to " customers in Germany, Austria, Netherlands and Spain".
4. The financial information stolen is 4 years old. Which means any debit/credit card used would have expired by now even if the card was brand new at the time.
5. Sony has done absolutely NOTHING illegal in this case. They had an outdated version of an Apache server that was taken advantage of by hackers. This is not a crime.
6. They currently have NO confirmed knowledge that any PC game account database has been hacked into at all. They use a similar system for their PC accounts and therefor determined that it is likely (but not 100% sure) that that system was also hacked into.
For those of you that are worried, do keep in mind that name, address, gender, birthdate, and phone number are generally already public information that really does not require much work at all to determine on any individual.
Additionally "There is no evidence that [their] main credit card database was compromised. It is in a completely separate and secured environment."
If you are still unsatisfied, the best course of action would be to alert your bank/credit card company that your information may have been compromised. In doing so, they can flag your account to watch for odd charges or even give you a new card/account number and thus completely routing any possible cases of fraud against you. Every financial service does this free of charge to my knowledge.
if you go back and reread the soe statement.. BANK account numbers were taken which could be the same even 4 years later.
also
The personal information of the approximately 24.6 million SOE accounts that was illegally obtained, to the extent it had been provided to SOE, is as follows:
name
address
e-mail address
birthdate
gender
phone number
login name
hashed password.
most of those 24.6m SOE accounts are PC game accounts.
I didn't know you could use your bank account number with SoE...but I don't think i'd give my actual bank account numbers to anyone other than a trusted financial institution.
they supposedly do or used to offer direct debit to non US countries..
That sucks then... what a nightmare for Sony this must be. It's pretty much gotta be the worst thing a company can imagine happening.
That sucks then... what a nightmare for Sony this must be. It's pretty much gotta be the worst thing a company can imagine happening.
No shit! Which is why MOST companies take their security seriously. The litigation that will stem from this could sink SOE.
lol, I get it that you don't like SoE. But this could happen to any company. And if this happened to "X company that you do like" you would be cursing the hackers. Maybe Sony did have some outdated security, but they're not the criminals here. People should be yelling for the hackers to be found and prosecuted and then sue the crap out of them. ugh people drive me nuts.
That sucks then... what a nightmare for Sony this must be. It's pretty much gotta be the worst thing a company can imagine happening.
No shit! Which is why MOST companies take their security seriously. The litigation that will stem from this could sink SOE.
lol, I get it that you don't like SoE. But this could happen to any company. And if this happened to "X company that you do like" you would be cursing the hackers. Maybe Sony did have some outdated security, but they're not the criminals here. People should be yelling for the hackers to be found and prosecuted and then sue the crap out of them. ugh people drive me nuts.
no, no. its a given that the hackers are at fault and should be caught and prosecuted but SOE should be held responsile for their part to. SOE is not blameless. We know the FBI and SOE will go after the hackers... who is left to make sure SOE gets their due to? US
Watch your thoughts; they become words. Watch your words; they become actions. Watch your actions; they become habits. Watch your habits; they become character. Watch your character; it becomes your destiny. Lao-Tze
Just because they got hacked doesn't mean that they were careless. Plenty of companies with good security get hacked. This includes places like NASA, Military, Banks, and a host of other agencies and companies. To say that they were incompetant or irresponsible is merely the rantings of people who don't understand the world as it is, but how it should be.
The fact is that I assume risk when I put my information on the web. From my banking information to my gamining information, its all in jeopardy. The best you can do is try and limit the amount of information you put out there. The compsenation seems just. Like another poster stated, if my information is used or abused, I can seek further compensation at that time.
It amazes me that they have a major breach and take down the server to help fix this situation and ppl start immediately ranting about how SOE is down and the world is coming to an end. If they didn't take the server down to fix things, there would have been cries of incompetance on the part of SOE for not trying to fix the situation. Its almost comical if it weren't to sad.
End Rant
NOTE: They may have been careless, I don't know. But I would submit that the nugs on this site don't know one way or another.
think you got it about right.The planned compensation to me seems fair and if you are indeed the victim of identity theft i am pretty sure after the publicity this got sony will try settle further compensation asap.
but hey amazon and mastercard got hacked and i don't see people getting 1 zillion dollars because my details might be used for fraud.
people just trying to cash in as always .also this site is full of misinformation i just saw a whole page of people claiming soe has people bank details because some non us are using direct debit.i am based in uk and NEVER seen an option to direct debit for SoE and i have been in and out with them since 1999 and currently subbed also.
Just because they got hacked doesn't mean that they were careless. Plenty of companies with good security get hacked. This includes places like NASA, Military, Banks, and a host of other agencies and companies. To say that they were incompetant or irresponsible is merely the rantings of people who don't understand the world as it is, but how it should be.
The fact is that I assume risk when I put my information on the web. From my banking information to my gamining information, its all in jeopardy. The best you can do is try and limit the amount of information you put out there. The compsenation seems just. Like another poster stated, if my information is used or abused, I can seek further compensation at that time.
It amazes me that they have a major breach and take down the server to help fix this situation and ppl start immediately ranting about how SOE is down and the world is coming to an end. If they didn't take the server down to fix things, there would have been cries of incompetance on the part of SOE for not trying to fix the situation. Its almost comical if it weren't to sad.
End Rant
NOTE: They may have been careless, I don't know. But I would submit that the nugs on this site don't know one way or another.
think you got it about right.The planned compensation to me seems fair and if you are indeed the victim of identity theft i am pretty sure after the publicity this got sony will try settle further compensation asap.
but hey amazon and mastercard got hacked and i don't see people getting 1 zillion dollars because my details might be used for fraud.
people just trying to cash in as always .also this site is full of misinformation i just saw a whole page of people claiming soe has people bank details because some non us are using direct debit.i am based in uk and NEVER seen an option to direct debit for SoE and i have been in and out with them since 1999 and currently subbed also.
Tokyo, May 3, 2011 - Sony Corporation and Sony Computer Entertainment announced today that their ongoing investigation of illegal intrusions into Sony Online Entertainment LLC (SOE, the company) systems revealed yesterday morning (May 2, Tokyo time) that hackers may have stolen SOE customer information on April 16th and 17th, 2011 (PDT). SOE is based in San Diego, California, U.S.A.
This information, which was discovered by engineers and security consultants reviewing SOE systems, showed that personal information from approximately 24.6 million SOE accounts may have been stolen, as well as certain information from an outdated database from 2007. The information from the outdated database that may have been stolen includes approximately 12,700 non-U.S. credit or debit card numbers and expiration dates (but not credit card security codes), and about 10,700 direct debit records of certain customers in Austria, Germany, Netherlands and Spain.
Watch your thoughts; they become words. Watch your words; they become actions. Watch your actions; they become habits. Watch your habits; they become character. Watch your character; it becomes your destiny. Lao-Tze
Just because they got hacked doesn't mean that they were careless. Plenty of companies with good security get hacked. This includes places like NASA, Military, Banks, and a host of other agencies and companies. To say that they were incompetant or irresponsible is merely the rantings of people who don't understand the world as it is, but how it should be.
The fact is that I assume risk when I put my information on the web. From my banking information to my gamining information, its all in jeopardy. The best you can do is try and limit the amount of information you put out there. The compsenation seems just. Like another poster stated, if my information is used or abused, I can seek further compensation at that time.
It amazes me that they have a major breach and take down the server to help fix this situation and ppl start immediately ranting about how SOE is down and the world is coming to an end. If they didn't take the server down to fix things, there would have been cries of incompetance on the part of SOE for not trying to fix the situation. Its almost comical if it weren't to sad.
End Rant
NOTE: They may have been careless, I don't know. But I would submit that the nugs on this site don't know one way or another.
think you got it about right.The planned compensation to me seems fair and if you are indeed the victim of identity theft i am pretty sure after the publicity this got sony will try settle further compensation asap.
but hey amazon and mastercard got hacked and i don't see people getting 1 zillion dollars because my details might be used for fraud.
people just trying to cash in as always .also this site is full of misinformation i just saw a whole page of people claiming soe has people bank details because some non us are using direct debit.i am based in uk and NEVER seen an option to direct debit for SoE and i have been in and out with them since 1999 and currently subbed also.
Misinformation? Dude! It's on SOE's own page! They did store people's bank account information in the 2007 database that got hacked, linked to old debit card information.
You might not have entered it yourself, they most likely got it during processing of your debit card at that time from your bank!
And this alone here already warrants lawsuits against them, for still having that kind of Personal and sensitive information up and running in a live online environment and not even properly protected with any form of encryption at all!!
I really don't care about monetary compensation, just give me LoN illusion and ingame goodies like double exp pots and I'll be happy
xp potions.....that's what I'm talkin about. I think my vanguard account stopped getting any presents after 16 months....start that back up....potions....mmmm
I just want the servers up by saturday. I have 48 hours off of work and am looking forward to some EQ2 play time. Honestly if its not up this weekend I'll prolly start a different game and not return to EQ2. They need to fix or get the games going again or are going to start loosing customers to different games. Or atleast put out an actual time table. Knowing when to look forward to it is better then being completely in the dark.
Comments
People are acting like we know for a fact that Sony did something wrong. We have no idea what kind of security they have, they could have done everything right but the hackers did too. Or maybe it was an inside job? Unfortunately you can do everything right and something can go wrong.
For all anyone here knows your information has been stolen from 10 other companies and they/you don't even know it. So don't assume just because this happened that Sony was careless. Thats dumb. If you're house got broken into and something of mine got stolen I would not yell at your for being "careless" with my posessions.
Except all information indicates that their security was obsolete. That is why possible lawsuits are coming out of this.
Actually Sony did something wrong and we actually know what went wrong. They held a press event and explained how this happened.
Their security had one layer rather than multiple layers in the intranet.
Sorry, but having layers of security is like security 101.
The main issue of how it got the entire database is because their intranet does not segment between data that should be secure (like customer info) and just normal data that doesn't have to be secure. How a multi-million corp has a security model like this in the 21st century is just mind-boggling and goes into the 'gross negligence' territory. Hence the class-action lawsuit.
Like I said, this is all based on that press event Sony had.
Gdemami -
Informing people about your thoughts and impressions is not a review, it's a blog.
If what the latest is true, the people responsible are Anonymous.
What a complete bunch of back stabbing bastards. Supposedly most are gamers, what kind of community steals from its own? Lowest of the low.
Stealing people's identity, filling them with 'fear'. It's called terrorism, and I hope they prosecute the bastards on such scale.
Anonymous just jumped the shark. Can't believe I ever thought this collective was once righteous.
Gamers need to fight back, time to find these fools.
ok so far they already stated a brief idea what will be involved .though this applies to some psn users but guess same will be true for all sony online gamers
30 days free time +days offline.meaning if say eq is off for 1 week it will be 37 days free.
they will pay for credit monitoring service for 2 years for all those who had their credit details compromised.
i think this is just as good as it can get to be honest.
please remember this same guys hacked mastercard and amazon.
Anonymous released a statement that they didn't do it. Normally they brag about their accomplishments so either someone's pointing the finger at them or they're nervous about the amount of attention. Whoever the hackers are though seem to have refrained from going on a shopping spree with the stolen information, but yes, they deserve to be punished.
Wow this thread is RIDDLED with misinformation.
1. This information was obtained by the hackers: "name, address (city, state, zip, country), email address, gender, birthdate, phone number, login name and hashed password."
2. A hashed password is difficult to break, especially when the hashing algorithm is not public knowledge. Therefor it is unlikely any hacker will be finding your password anytime soon if at all.
3. The ONLY financial information stolen belongs to " customers in Germany, Austria, Netherlands and Spain".
4. The financial information stolen is 4 years old. Which means any debit/credit card used would have expired by now even if the card was brand new at the time.
5. Sony has done absolutely NOTHING illegal in this case. They had an outdated version of an Apache server that was taken advantage of by hackers. This is not a crime.
6. They currently have NO confirmed knowledge that any PC game account database has been hacked into at all. They use a similar system for their PC accounts and therefor determined that it is likely (but not 100% sure) that that system was also hacked into.
For those of you that are worried, do keep in mind that name, address, gender, birthdate, and phone number are generally already public information that really does not require much work at all to determine on any individual.
Additionally "There is no evidence that [their] main credit card database was compromised. It is in a completely separate and secured environment."
If you are still unsatisfied, the best course of action would be to alert your bank/credit card company that your information may have been compromised. In doing so, they can flag your account to watch for odd charges or even give you a new card/account number and thus completely routing any possible cases of fraud against you. Every financial service does this free of charge to my knowledge.
http://www.bgr.com/2011/05/05/anonymous-denies-involvement-in-sony-cyberattacks/#utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+TheBoyGeniusReport+%28BGR+%7C+Boy+Genius+Report%29&utm_content=Twitter
this is their denial but they do claim to have been carrying out hacks on sony at the same time as it happened and have previously declared war on sony for taking to court someone who hacked and pirated ps3.
so its kind of hard to believe them since they did threathen sony previously and admit to have been on the crime scene at the time of the theft doing illegaal stuff.
if they did not steal the details someone in their group certainly did .
in a way i think they are beginning to realise the backlash of all this.they done amazon and mastercard now sony so the big cooperations are probably all gathering to breath down the government and FBI neck to find this guys as they know they might be next and anon are beginning to realise what all immature hackers finally do,they are in real danger of been arrested or worse.
also by going after services that runs games they are now enemies of fellow geeks,techs and such(only people to ever slightly sympathize with them).
never underestimate how far big copperations are willing to go to protect their billions of $$$$.
A voice of reason in a sea of idiots.
There's really no reason to be so beligerant. Right now, people are concerned. And rightfully so. Even in corporate America, there's only so much that can be told to the consumer. The FBI, being involved, is most likely telling Sony that they can only say so much. And unfortunately, there can only be conjectures, prognostications, and guesses. Whether we like it or not, we have to "trust" what Sony has sent to us in terms of information. And I put trust in quotes. Because there will be a massive hit in the trust department. But it's the only information anyone has to go on.
So calling people here idiots is just poor form. It's possible...possible...that people's lives are a bit upside down right now scrambling to protect their information. I'm not going to talk probable because I don't know the probability of what could happen.
Give the masses a bit of a break and let them vent and voice their concerns. People can find the facts for themselves once they calm down. Please keep your hatemongering out of a touchy situation.
if you go back and reread the soe statement.. BANK account numbers were taken which could be the same even 4 years later.
also
The personal information of the approximately 24.6 million SOE accounts that was illegally obtained, to the extent it had been provided to SOE, is as follows:
name
address
e-mail address
birthdate
gender
phone number
login name
hashed password.
most of those 24.6m SOE accounts are PC game accounts.
Watch your thoughts; they become words.
Watch your words; they become actions.
Watch your actions; they become habits.
Watch your habits; they become character.
Watch your character; it becomes your destiny.
Lao-Tze
1) That information is basically every piece of information I would need to establish credit
2) It's not that difficult to break. And geezus, for 100million passwords and identities, it's worth EVERY bit of effort!
3) Untrue. Credit card numbers are also "financial information".
4) While the cards may have expired, the banks use the exact same credit card numbers when they renew cards, they simply change the exp date.
5) Possibly - but just because it wasn't "illegal", does not mean they weren't negligent and have culpability. The FBI is investigating now. SOE wanted to sweep this under the rug, which is why they turned their systems back ON after learning of the PSN breach. In fact, until the FBI forced them to shut it down, they left their facebook games running.
6) What exactly is "game account"? I'm worried about my LIFE account being hacked, not pixels. They have notified customers. The FBI has forensic experts on site. Congress is holding hearings. Lawsuits have been filed. These aren't steps taken because you "think" you lost data.
At $20 per card on average, while it may seem like nothing to you and "no big deal" to just call up your bank and get new cards, it IS a big deal. Imagine if just 5% of the people involved in this requested new credit cards - that's $100 MILLION dollars! Who pays that?
This is a MASSIVE failure on SCE/SOE's part. Negligent, sloppy and flagrant.
I didn't know you could use your bank account number with SoE...but I don't think i'd give my actual bank account numbers to anyone other than a trusted financial institution.
they supposedly do or used to offer direct debit to non US countries..
Watch your thoughts; they become words.
Watch your words; they become actions.
Watch your actions; they become habits.
Watch your habits; they become character.
Watch your character; it becomes your destiny.
Lao-Tze
That sucks then... what a nightmare for Sony this must be. It's pretty much gotta be the worst thing a company can imagine happening.
No shit! Which is why MOST companies take their security seriously. The litigation that will stem from this could sink SOE.
lol, I get it that you don't like SoE. But this could happen to any company. And if this happened to "X company that you do like" you would be cursing the hackers. Maybe Sony did have some outdated security, but they're not the criminals here. People should be yelling for the hackers to be found and prosecuted and then sue the crap out of them. ugh people drive me nuts.
no, no. its a given that the hackers are at fault and should be caught and prosecuted but SOE should be held responsile for their part to. SOE is not blameless. We know the FBI and SOE will go after the hackers... who is left to make sure SOE gets their due to? US
Watch your thoughts; they become words.
Watch your words; they become actions.
Watch your actions; they become habits.
Watch your habits; they become character.
Watch your character; it becomes your destiny.
Lao-Tze
think you got it about right.The planned compensation to me seems fair and if you are indeed the victim of identity theft i am pretty sure after the publicity this got sony will try settle further compensation asap.
but hey amazon and mastercard got hacked and i don't see people getting 1 zillion dollars because my details might be used for fraud.
people just trying to cash in as always .also this site is full of misinformation i just saw a whole page of people claiming soe has people bank details because some non us are using direct debit.i am based in uk and NEVER seen an option to direct debit for SoE and i have been in and out with them since 1999 and currently subbed also.
http://www.soe.com/securityupdate/pressrelease.vm
Tokyo, May 3, 2011 - Sony Corporation and Sony Computer Entertainment announced today that their ongoing investigation of illegal intrusions into Sony Online Entertainment LLC (SOE, the company) systems revealed yesterday morning (May 2, Tokyo time) that hackers may have stolen SOE customer information on April 16th and 17th, 2011 (PDT). SOE is based in San Diego, California, U.S.A.
This information, which was discovered by engineers and security consultants reviewing SOE systems, showed that personal information from approximately 24.6 million SOE accounts may have been stolen, as well as certain information from an outdated database from 2007. The information from the outdated database that may have been stolen includes approximately 12,700 non-U.S. credit or debit card numbers and expiration dates (but not credit card security codes), and about 10,700 direct debit records of certain customers in Austria, Germany, Netherlands and Spain.
Watch your thoughts; they become words.
Watch your words; they become actions.
Watch your actions; they become habits.
Watch your habits; they become character.
Watch your character; it becomes your destiny.
Lao-Tze
Misinformation? Dude! It's on SOE's own page! They did store people's bank account information in the 2007 database that got hacked, linked to old debit card information.
You might not have entered it yourself, they most likely got it during processing of your debit card at that time from your bank!
And this alone here already warrants lawsuits against them, for still having that kind of Personal and sensitive information up and running in a live online environment and not even properly protected with any form of encryption at all!!
I really don't care about monetary compensation, just give me LoN illusion and ingame goodies like double exp pots and I'll be happy
EQ1-AC1-DAOC-FFXI-L2-EQ2-WoW-DDO-GW-LoTR-VG-WAR-GW2-ESO
xp potions.....that's what I'm talkin about. I think my vanguard account stopped getting any presents after 16 months....start that back up....potions....mmmm
Tyrust - EQ
Proximo - EQII
Proximo - Warhammer Online
Fogerty - Vanguard
I just want the servers up by saturday. I have 48 hours off of work and am looking forward to some EQ2 play time. Honestly if its not up this weekend I'll prolly start a different game and not return to EQ2. They need to fix or get the games going again or are going to start loosing customers to different games. Or atleast put out an actual time table. Knowing when to look forward to it is better then being completely in the dark.